Report Reveals Underreporting of Cyber Breaches Due to Fear of Job Loss
A new report from cybersecurity company VikingCloud has revealed a concerning trend in the industry – 40% of cyber teams have not reported a cyber incident out of fear of losing their jobs. This underreporting of cyber breaches globally highlights a serious disconnect between the confidence business leaders have in their defenses and the reality of their preparedness.
The report, titled The 2024 Threat Landscape Report: Cyber Risks, Opportunities, & Resilience, sheds light on the challenges faced by cybersecurity professionals. Despite 96% of companies expressing confidence in their ability to detect and respond to cyberattacks in real time, the numbers tell a different story.
Among surveyed cybersecurity professionals in the US, UK, and Ireland, 48% admitted being unprepared for attacks against critical third parties, and 40% were not ready to handle phishing attacks. Additionally, 53% felt ill-equipped to defend against emerging AI attack methods, and 55% believed cybercriminals were more advanced than their internal teams.
The lack of preparedness extends to regulatory requirements as well, with 68% of teams unable to meet the US Securities and Exchange Commission’s four-day disclosure requirement. Moreover, 63% spend over 208 hours per year managing false positives, potentially missing real breaches in the process.
VikingCloud’s chief product officer, Kevin Pierce, emphasized the false sense of security prevalent in many businesses, which could lead to heightened cyber risk. With a growing talent shortage, new attack methods, and increasingly sophisticated cybercriminals, cyber teams are struggling to keep up.
Pierce highlighted the need for companies to invest in the right technology, people, and expert partners to address the evolving cyber threat landscape. The report also emphasized the importance of training teams on emerging cyber risks, particularly those related to generative AI, and leveraging advanced technology to enhance cybersecurity capabilities.
As cyber threats continue to evolve, it is crucial for organizations to prioritize cybersecurity and equip their teams with the necessary tools and knowledge to combat cybercriminals effectively.